Merge pull request #1948 from marcosnils/fix/secrets
ci: Unify keys and add private key for testing purposes
This commit is contained in:
commit
511dbd81f4
4
.github/workflows/test-integration.yml
vendored
4
.github/workflows/test-integration.yml
vendored
@ -57,11 +57,9 @@ jobs:
|
|||||||
sudo chmod +x /usr/local/bin/sops
|
sudo chmod +x /usr/local/bin/sops
|
||||||
|
|
||||||
- name: "Import Dagger private key"
|
- name: "Import Dagger private key"
|
||||||
env:
|
|
||||||
DAGGER_AGE_KEY: ${{ secrets.DAGGER_AGE_KEY }}
|
|
||||||
run: |
|
run: |
|
||||||
mkdir -p ~/.config/dagger
|
mkdir -p ~/.config/dagger
|
||||||
echo "$DAGGER_AGE_KEY" > ~/.config/dagger/keys.txt
|
cp ./tests/age_key.txt ~/.config/dagger/keys.txt
|
||||||
|
|
||||||
- name: "Expose GitHub Runtime"
|
- name: "Expose GitHub Runtime"
|
||||||
uses: crazy-max/ghaction-github-runtime@v1
|
uses: crazy-max/ghaction-github-runtime@v1
|
||||||
|
4
.github/workflows/test-universe.yml
vendored
4
.github/workflows/test-universe.yml
vendored
@ -49,11 +49,9 @@ jobs:
|
|||||||
sudo chmod +x /usr/local/bin/sops
|
sudo chmod +x /usr/local/bin/sops
|
||||||
|
|
||||||
- name: "Import Dagger private key"
|
- name: "Import Dagger private key"
|
||||||
env:
|
|
||||||
DAGGER_AGE_KEY: ${{ secrets.DAGGER_AGE_KEY }}
|
|
||||||
run: |
|
run: |
|
||||||
mkdir -p ~/.config/sops/age
|
mkdir -p ~/.config/sops/age
|
||||||
echo "$DAGGER_AGE_KEY" > ~/.config/sops/age/keys.txt
|
cp ./tests/age_key.txt ~/.config/sops/age/keys.txt
|
||||||
|
|
||||||
- name: "Expose GitHub Runtime"
|
- name: "Expose GitHub Runtime"
|
||||||
uses: crazy-max/ghaction-github-runtime@v1
|
uses: crazy-max/ghaction-github-runtime@v1
|
||||||
|
@ -13,7 +13,7 @@ import (
|
|||||||
dagger.#Plan & {
|
dagger.#Plan & {
|
||||||
client: commands: sops: {
|
client: commands: sops: {
|
||||||
name: "sops"
|
name: "sops"
|
||||||
args: ["-d", "../../test_secrets.yaml"]
|
args: ["-d", "../../secrets_sops.yaml"]
|
||||||
stdout: dagger.#Secret
|
stdout: dagger.#Secret
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -26,7 +26,7 @@ dagger.#Plan & {
|
|||||||
format: "yaml"
|
format: "yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
token: testSecrets.output.netlifyToken.contents
|
token: testSecrets.output.NETLIFY_TOKEN.contents
|
||||||
|
|
||||||
marker: "hello world"
|
marker: "hello world"
|
||||||
|
|
||||||
@ -41,7 +41,7 @@ dagger.#Plan & {
|
|||||||
simple: {
|
simple: {
|
||||||
// Deploy to netlify
|
// Deploy to netlify
|
||||||
deploy: netlify.#Deploy & {
|
deploy: netlify.#Deploy & {
|
||||||
team: "blocklayer"
|
team: "dagger-test"
|
||||||
token: common.token
|
token: common.token
|
||||||
site: "dagger-test"
|
site: "dagger-test"
|
||||||
contents: common.data.output
|
contents: common.data.output
|
||||||
@ -57,7 +57,7 @@ dagger.#Plan & {
|
|||||||
swapImage: {
|
swapImage: {
|
||||||
// Deploy to netlify
|
// Deploy to netlify
|
||||||
deploy: netlify.#Deploy & {
|
deploy: netlify.#Deploy & {
|
||||||
team: "blocklayer"
|
team: "dagger-test"
|
||||||
token: common.token
|
token: common.token
|
||||||
site: "dagger-test"
|
site: "dagger-test"
|
||||||
contents: common.data.output
|
contents: common.data.output
|
||||||
|
@ -1,21 +0,0 @@
|
|||||||
netlifyToken: ENC[AES256_GCM,data:DeTBgf73iiIDVJZ3i1Rd6Cn9KvJGwh7n8/u/zWKdpaMvU7R1X43JqMbZMg==,iv:0HmdJr7BHKQk+RrCWAzZCkU7BkJ5N5//otgwAgJnQ6w=,tag:DoVYsCnO6HMHXpakX4uBlA==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnUEhWbjV3M29oUUJyWk81
|
|
||||||
Wk1WQ1E0cmtuVlhNSGxkWUM3WmJXdUYvbzAwCjlFWW9IVmtmTjY1aU1LR2lxWFlT
|
|
||||||
am9RemNqSDRWK2FDYk1xeGNiTFlWMFUKLS0tIFVrSzBCMERQbnhYb09ReVpFK00v
|
|
||||||
TG5YUDlFVzlRRFBCdEhsNVlVK1dMRTgKx1TPZWWQiaU8iMni03/ekG+m4rFCcaa4
|
|
||||||
JI+ED2d+8411BgZtlss/ukQtwskidvYTvetyWw2jes6o1lhfDv5q2A==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2022-01-20T00:42:44Z"
|
|
||||||
mac: ENC[AES256_GCM,data:N4dbowNmz34Hn/o1Ofv4g9Z5I7EzcYyrGpXSu9fkczd69zkTpv87uFamEdV/kQM2bbIEm9gS8d0oTi41qsC0iax368YUJmjG6xMptwrrA/mcjRzwXjlPrCZN9454srJw4NXWm0F5/aJQa4XlO65OCLZw+4WCz0wyAWwKzuQNAb0=,iv:EIG55jdEIbVp390uCVJ/rCjJO+s+CsAblH0/CIMNgIc=,tag:dcZDoMsBToikTQ83R0azag==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.7.1
|
|
4
tests/age_key.txt
Normal file
4
tests/age_key.txt
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# Dagger CI
|
||||||
|
# created: 2021-05-26T17:10:52-07:00
|
||||||
|
# public key: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
||||||
|
AGE-SECRET-KEY-1R8RRCL7NXA5SHW6HEZCJ5FJG2JJECSNVDHCF533W3CNDJGQL0AVQEA0JK7
|
@ -1,8 +1,9 @@
|
|||||||
TestPAT: ENC[AES256_GCM,data:tLrYG8WCZah93gWkvltLzvxAhB1Tj7fmPZ/iZac8bjMo0+y74bq1qg==,iv:UD9s7flTy/FvW+NHg82l1xJruXldnSCRlRQpg5z7WO8=,tag:v35hzseqeY7V3P7J/hg28w==,type:str]
|
TestPAT: ENC[AES256_GCM,data:R6yLIJWAdXBiXtNewC9TNZoG92Stzebvc94XHaTjdg1H3iLkV9/J4w==,iv:TDIkf+YNFnqj1f9UFPcMfHblcpLT56cOlShpm5JaMkY=,tag:urFpg9cSg+7+nsf9DON1Fw==,type:str]
|
||||||
DOCKERHUB_TOKEN: ENC[AES256_GCM,data:ZWXFsmZI/uf5VT/1Se4lvON4AK349sXclWI+kZrzabj7447U,iv:eTj0xRSwMjUUrokpIr7UohC07cO69WAsxO/NZXSsmLw=,tag:PjHp/PnIDL/dx4cjESpJgQ==,type:str]
|
NETLIFY_TOKEN: ENC[AES256_GCM,data:AyLLlXC3FuAwHuQLM5RRhzwKIZyFkucKBABLXeWBYLnF9oaEfhn/xBRCbw==,iv:QyMGzxp4NY2jgFgj6ZEW7sGXQdPBWHPfRrs196EHnLg=,tag:/IJYM6C/g9iNcY+IQrUvbA==,type:str]
|
||||||
|
DOCKERHUB_TOKEN: ENC[AES256_GCM,data:oYROIHQZfR7c28aGvdDU3mURR/SBGhlbRsd84mNVAuxdy6S8,iv:RsVszAOxF19Z3i4HbWw4BKHCJdly8IT2gVOrQwE5Fgk=,tag:oks5BXxcU3UzoawzNkX7uw==,type:str]
|
||||||
AWS:
|
AWS:
|
||||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:jH9qw1DFauiOILteQJP4hbcAL/A=,iv:4WBQsGoQtApT7vUgIjopq4dC1KME9wQU1I7oj6KQy/E=,tag:WbSDp5rFEVgmqprY+RcBuw==,type:str]
|
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:KahWpPHbl+rv1RGOJHfl+g76FgQ=,iv:iDAYBuCJ4xMKLf4dHM50hq7B22nVXRd/nxAynwgjlns=,tag:+aBqWay5U//pT5b3RSGYWw==,type:str]
|
||||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:oR+i0k/escdAGX0hUWTpGGQvbbiU4BWlb3983lpcA1tI1egTj6Nmpg==,iv:iXPaZvjg03htTPiOMER5+iLP2qzdOJTfnq7xSHbFTAs=,tag:fa66HZubWdceC864bjXoDQ==,type:str]
|
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:mlEQJPJxsnaaXvB0L3SeNbAbY+rsKP4J01NzCvtQsyOMN35COXETDQ==,iv:NH5zhV5akMXcH+Gx/DvVHdOrl31kaIDwtyw1IF0gzHg=,tag:NL3uBHqHDFT80FqbflMVtw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
@ -12,14 +13,14 @@ sops:
|
|||||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVaUprdU9CUFpGdFRTazA5
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTa2ZOR3U1YzRNNGhwMHZx
|
||||||
Wll2RzVjUlhvRUVDbU1aVVhKV204Wjg3azFVCmdhYXZFTEl2TGFPTk83cmxjK2hM
|
dG5yUFlyK2VMZGVaWkcxdzRwMk5oQjB1MVY4CnJKMTVONksvZHIrQkJIcWZpVXhK
|
||||||
RVNGZHBoSDZmQ1RKL0Y3S0ZHMUxEd2MKLS0tIDJaZWdsYVVuUXJPVkVCVlNPQkVG
|
aUR1N0dtazM1ODFzS01CVmlVeERKeUEKLS0tIHh4OEVtc1BMbU9MRXRoOGJQakhj
|
||||||
eUt4NEUyVXVaa1FBVWhoeEJSTVpiWnMKJXNDKz9mf7zmb1oJ9BXgkDDfz2QUg/fJ
|
cjgrby94cDZ0SW51UFNjVmpjVFNCeE0K9/OH1T2xiNSu27uTE6fqyzZfAIzpSNdL
|
||||||
Sx2jlW7s1TuiH8GeL4jxw5Euh0DFw6YZO9j05dcygJslZWtLopUHAQ==
|
q/1B8YeDrRGg/jYYW53bLlwmcBzAK89JdE/RtFnLnqJ203mhrnpIWw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2022-02-18T17:21:55Z"
|
lastmodified: "2022-03-30T20:59:45Z"
|
||||||
mac: ENC[AES256_GCM,data:50O/LO+8z+Dqm3wx8xaJGyL+nQ3KShQgDAYnV+GEjaacwBGhPSbwK5M/JxR98mq0PlikbHl0cv5CfUpvkShIuTdrz68QSsxn1KcVgiJeW5s8v2+0dJGEjOzy8ASnHm3uG0msB6cD00hrECc7htjaHCWk55cMlKliGUNNAh5Q28g=,iv:IujDY2mWrhfQNI1D40hev4yFNiqQSv8k4KN7kvpe7LQ=,tag:DfvoOkSxX1YIWPqAY31ifA==,type:str]
|
mac: ENC[AES256_GCM,data:lfCIakVD8rd5PV38i9uz1z0btv/EQdlDbluxnZ+7fH9TDaKzLEgMhBrI/uOT8JImzVkgLB084nRPvfmIDQneAsE+lNakcWkUYHibxSjMr9fibaRnBSUFh3MfXf1zogKdIYjeoOdHyOAC7xus303ASJbebF45BiRVun+rjLIf1Pk=,iv:3K9RJzPymURK58zuHRil412rLmkQ4Mbz3B7zXW74aMw=,tag:haRsB73PQ9FPp1h265J3ew==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.1
|
version: 3.7.2
|
||||||
|
@ -24,7 +24,7 @@ dagger.#Plan & {
|
|||||||
}
|
}
|
||||||
|
|
||||||
testRepo: core.#GitPull & {
|
testRepo: core.#GitPull & {
|
||||||
remote: "https://github.com/dagger/dagger.git"
|
remote: "https://github.com/dagger/test.git"
|
||||||
ref: "main"
|
ref: "main"
|
||||||
auth: {
|
auth: {
|
||||||
username: "dagger-test"
|
username: "dagger-test"
|
||||||
|
Reference in New Issue
Block a user